<?php
session_start();
$error='';
if(!isset($_POST['name'])||empty($_POST['name'])){
	$error=array('code'=>404,'msg'=>'用户名不能为空');
}elseif(!isset($_POST['password'])||empty($_POST['password'])){
	$error=array('code'=>403,'msg'=>'密码不能为空');
}

if(!empty($error)){
	echo json_encode($error);
	exit;
}

$admin_dir = __DIR__;
$project_dir = dirname($admin_dir);//blog目录
$conf_dir = $project_dir.DIRECTORY_SEPARATOR.'config';//config目录 
$config = parse_ini_file($conf_dir.DIRECTORY_SEPARATOR.'config.ini');
$lib_dir = $project_dir.DIRECTORY_SEPARATOR.'lib';//lib目录 
include $lib_dir.DIRECTORY_SEPARATOR.'db.php';
$mysql = new MysqlDb($config['host'],$config['user'],$config['pass'],$config['name'],$config['charset']);
$user = addslashes($_POST['name']);
$sql = "SELECT * FROM user WHERE username='{$user}'";
$row = $mysql->getRow($sql);

if($row){
	$pass = md5($_POST['password']);
	if($pass!=$row['password']){
		$error=array('code'=>403,'msg'=>'用户名或密码不正确');
		echo json_encode($error);
	}else{
		$_SESSION['userid']=$row['id'];
		$_SESSION['username']=$row['username'];
		$success=array('code'=>'000','msg'=>'登录成功','lcation'=>'index.php');
		echo json_encode($success);
	}
}else{
	$error=array('code'=>403,'msg'=>'用户不存在');
	echo json_encode($error);
}